There is an increasing desire, particularly in enterprises, to secure access to the content of computer systems using security systems such as full disk encryption. Full disk encryption (also called whole disk encryption) uses encryption software and/or hardware to encrypt all data (normally with the exception of a small footprint boot program) on a physical storage medium such as a hard disk. Full Disk Encryption prevents unauthorized access to data storage without knowledge of the decryption key. It cannot be booted without the key, nor could it be pulled from the computer system and accessed elsewhere without that key.
A security front end sits in front of any operating system on the physical storage medium and prevents access to the operating system (which is itself encrypted) without authentication. Booting of the computer system results the secure front end being loaded and only upon successful user authentication is the disk decrypted and the operating system booted. The authentication may be linked to hardware such as a trusted platform module (TPM) in the computer system.
There are various advantages of full disk encryption. Not least, the computer and its operating system is rendered inaccessible without the decryption key. Any data stored locally is unintelligible and the computer's value to a would-be thief is significantly reduced as there is no opportunity to retrieve the data for phishing, blackmail etc, nor is the computer itself useable without being wiped and a new operating system installed. Full disk encryption is proving exceptionally popular for mobile workers who carry portable computers. However, there is also an increasing trend to secure desktop PCs and even servers (particularly in branch offices where physical security may not be ideal) with mechanisms such as full disk encryption.
Whilst systems such as full disk encryption enable an enterprise to secure access to a computer system without prior authentication, they also have negative side-effects.
One particular issue is in patching and update management. Patches are typically fixes for a specific product, addressing a security-vulnerability. Updates may also address security vulnerabilities, although they may also provide changes to functionality.
Patching and update management is the process of controlling the deployment and maintenance of interim software releases into production environments. It helps to maintain operational efficiency and effectiveness, overcome security vulnerabilities, and maintain the stability of the production environment. Patching and applying updates to software and operating systems is vital in today's environment where manufacturers often have to issue patches/updates in response to newly publicized exploits. Anti-virus/malware suite providers and application vendors are typically slower than virus and malware writers to react to new exploits and this makes it all the more important that patches, antivirus signature files and updates are rolled out as soon as possible to cut short the head start that virus and malware writers have often been given. The rise of widespread worms and malicious code targeting known vulnerabilities on unpatched systems, and the resultant downtime and expense they bring, is probably the biggest reason so many organizations are focusing on patch management.
Patch management systems are designed to assist an administrator in distributing one or more software updates, or patches, to a number of computer systems substantially simultaneously. The software update process is often done in the background so that a user of the computer system is not affected by the update. However, patching and updating is not always completely unobtrusive and can require reboots, closing of applications and general performance slow-downs which are not desirable when a user is attempting to do their day to day work.
It is common for patching, updates and other IT maintenance to be done out of working hours to avoid interrupting the workforce and losing time that could otherwise be spent bringing in revenue. In many enterprises, unattended out of hours patching and updates is achieved by using systems such as wake-up on Lan (WOL) in which computer systems can be shut down by users at the end of their working day but later automatically (and/or remotely) woken by special WOL commands transmitted over the network, patched and then shut down again. This keeps power usage as low as possible and also avoids a computer system being left on overnight which would risk its security could be compromised by cleaning staff, intruders etc. Unless there are significant or unpredictable patches or updates to be applied, it also means that the process can be automated and unattended and the IT support department need merely review a patching report the following morning to identify problems.
However, it will be appreciated that the desire to shut computer systems down at the end of the day conflicts with the desire to perform IT maintenance out of hours. While WOL previously was able to side step this issue, the advent of security such as TPMs and full disk encryption means that even if a secure computer system that is woken by a WOL command, authentication credentials must still be provided to the security front end to enable access to the operating system to be patched/updated. It would be a severe security risk to send those credentials over a network (or store them locally for access or simply “trust” the patch/update system). This results in a stalemate. From a security perspective, secure authentication is desirable. From a maintenance perspective, unattended access is desirable.
Similar problems apply to hosted data centre environments where servers and other computer systems may be at physically remote sites from users and their IT support staff. While datacenters are accessible to those renting rack space, some charge for this privilege and even where there is no charge there is significant inconvenience of sending someone out to the datacenter.